- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Fri, 2 Nov 2018 12:48:17 -0400
- To: public-credentials@w3.org
On 11/2/18 12:15 PM, Anders Rundgren wrote: > I believe we who work with canonicalization schemes do not follow > here. To be clear, it sounds like the point that you and Chris are making is an argument against COSE, which is the direction the industry is going in. I'm pretty sure I know what you are saying, but rather than try to restate it, I'd like you and Chris to be more specific about the exact attack you're concerned with (rather than general security principles, of which many of us are aware of). That is, it sounds like Chris is stating that we are deviating from security best practices, which none of us want to do, so, we'd like to know exactly what practice we're deviating from and exactly what the attack is... specifically. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Friday, 2 November 2018 16:48:47 UTC